Simple Spring Boot application vulnerable to CVE-2021-44228 (Log4Shell)

This proof-of-concept application for CVE-2021-44228 (a.k.a log4shell) is a part of my writeup. For the complete exploit details, refer to the writeup.

Instructions

Run:

docker run --rm -p 8080:8080 --name log4shell-poc-app ghcr.io/guerzon/log4shellpoc:latest

Or build and run:

docker build . -t log4shellpoc
docker run --rm -p 8080:8080 --name log4shell-poc-app log4shellpoc

Result

Notes

Spring Boot project inspired by: https://github.com/christophetd/log4shell-vulnerable-app/

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
gradle/wrapper		gradle/wrapper
screenshots		screenshots
src		src
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
build.gradle		build.gradle
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle		settings.gradle

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Simple Spring Boot application vulnerable to CVE-2021-44228 (Log4Shell)

Instructions

Result

Notes

About

Languages

License

guerzon/log4shellpoc

Folders and files

Latest commit

History

Repository files navigation

Simple Spring Boot application vulnerable to CVE-2021-44228 (Log4Shell)

Instructions

Result

Notes

About

Topics

Resources

License

Stars

Watchers

Forks

Languages